


Digital Firewall Service 

High-end, customized member of Digital’s three-tier firewall family 
combines the secure Internet connection of Digital Firewall for UNIX 
with custom configuration, consulting, and training 








By combining the powerful 64-hit, 
RISC Alpha UNIX platforms with 
our Digital Firewall for UNIX, 
custom configuration , consulting, 
and training , we provide you with 
a customized high-performance, 
intelligent gateway tailored to your 
users 1 Internet services needs while 
securing your private net work from 
malicious intrusion . 


Although the attraction to tie into the information-rich 
universe of the Internet is compelling, you cannot afford to 
do so without safeguarding your vital operational informa¬ 
tion by securing the integrity of your private networks from 
unauthorized access. Embodying our vast security experi¬ 
ence, the Digital Firewall Service gives you flexible and 
reliable Internet access with the best possible protection 
that advanced technology and know-how can provide. 


Benefits 



Balances the need for high per¬ 
formance and tight security — 
Programmable firewalls 
coupled with screened intelligent 
gateways provide the highest 
possible levels of protection 
while allowing users to have 
controlled access to the 
I n re met s fac ill ties* 


Easily accommodates unique 
security policies — By combining 
proven and tested Digital 
Firewall for UNIX® software 
with customized consulting, 
training, and support , we pro¬ 
vide you with a comprehensive 
security solution from a single 
source* 

* 

Easier Ere wall administration 
— By simplifying the base 
firewall construction and config¬ 
uration, we've made the systems 
administration easier via robust 
auditing and logging, customiz¬ 
able scripts, and host security, 

■ 

Ensures proven and reliable 
security solutions — Unrivaled 
experience in designing and 
building secure firewalls ensures 
a proven and reliable solution. 






















Minimize your Internet security risk with Digital's 
firewall family 

The Internet is growing at an exponenial rate offering virtually unlimited 
business opportunities, but these opportunities are not free of risk. 

The number one risk associated with the Internet today Is security, 
which can be as diverse and unique as the companies and organizations 
capitalizing on the internet opportunity. 

The companies connecting to the Internet represent a diverse group 
with diverse security needs, and a single firewall cannot meet the 
needs of this group. 

In response, Digital offers a three-tiered firewall family that minimizes 
the Internet security risk and spans the security needs of the Internet's 
diverse universe of users: 

Entry-level 

The BorderWare Firewall Server from Border Network Technologies, 
Inc, is our low-cost, highly secure, single-system firewall and Internet 
gateway in one. This easy to install and manage PC-based solution is 
virtually plug-and-play. 

Mid-range 

The Digital Firewall for UNIX is a preconfigured, highly secure, 
single-system firewall that combines packet filtering, trusted application 
gateways, and comprehensive logging with an easy-to-use GUL This 
product is highly scalable to meet future expansion, performance, and 
security needs. 

High-end 

The Digital Firewall Service (formerly SEAL) is a multisystem firewall 
solution that combines our proven and tested Digital Firewall for 
UNIX software with custom configuration, consulting, and training. This 
solution is designed to meet the needs of customers requiring custom 
Internet security and whose firewalls must deliver high performance 
and continuous availability. 

These offerings give Digital the most comprehensive firewall portfolio 
in the industry, enabling it to accommodate the smallest to the largest 
enterprise, and the simplest to the most complex security needs. 



Digital's three-tier 
firewall family 


Mid-range 

• Single system 

* Scalable to 
multisystem firewall 


Enfry-leveJ 

* Low cost 

- Plug-and-play 

• PG-based 


High-end 

* Customized to 
specific requirements 

* Consulting, software, 
training, and support 


Level of security 
customization 


l 


▼ 


Since no two companies connecting to the Internet have the same processing 
and security nmh s Digital offers a three-tiered firewall family consisting 
of three types offirewall systems to meet their specific requirements; (1) the 
high-end Digital Firewall Service, ■which addresses high-performance 
and high-availability demands coupled with custom security policy' needs; 
(2) the mid-level, single-system Digital Firewall for UNIX, which meets 
current needs but is expandable to a multisystem firewall to accommodate 
increases in traffic volumes and security complexity: and (3) the entry-level 
BorderWare Firewall Server from Border Network Technologies f Inc. 
for a low-cost, highly secure firewall implementation that is virtually 
plug-and-play , 


Digital Firewall Service 
for iron-clad security and 
high-end, high-performance 
needs 

Digital can create that security 
for you. We can provide a high- 
performance, reliable connection 
between your private network 
and the Internet, while delivering 
unrivaled security solutions by 
combining expert consulting 
with customized software, 
training, and support services. 
By incorporating programma¬ 
ble or customized firewalls with 
a screened intelligent gateway, 
the Digital Firewall Service 
provides you with controlled 
access to the Internet while cre¬ 
ating the highest possible level 
of protection against unautho¬ 


rized entry from the Internet, 
Further, we tailor the rules of 
connection to your require¬ 
ments, for example, by using 
authorized users or types oi 
applications, ro keep the entire 
security process transparent to 
your users. We also provide full 
auditing facilities. 

Simplifying firewall 
administration from 
the start 

WeVe simplified the base 
firewall construction and con¬ 
figuration to make system 
administration easier by incor¬ 
porating robust auditing and 
logging, customizable scripts, 
real-time intrusion detection, 
and host security. 











Addressing your unique 
security policies and 
procedures 

Ideal for organizations requir¬ 
ing multi-host, robust Internet 
gateways, the custom approach 
of the Digi tal Firewall Sendee 
accommodates arbitrary security 
policies along with special per¬ 
formance req ui reme n ts. Th us, 
by combining customized con¬ 
sulting } software, training, and 
support services, Digital can 
provide you with a comprehen¬ 
sive security solution from a 
single source- 

Delivering proven and 
reliable security solutions 

Our unrivaled experience in 
designing and building secure 
firewalls ensures that you will 
get a proven and reliable secu¬ 
rity system. Our own firewall 
has secured Digital s internal 
network for more than five years, 
managing such services as 
Mosaic " and FTP, and handling 
almost 2 million mail messages 
per month. Our securi ty consul¬ 
tants put that experience and 
know-how to work, by installing 
this high-performance Digital 
Firewall Service at more than 
180 sites during the last year 
to safeguard their network 
security. These sites include 
numerous large, multinational 
organizations in manufacturing, 
telecomm an icati o ns, ae raspace, 
pe t roc he m leal, p harm ac eu t i cal s, 
and higher education, and in 
government. 


Gatekeeper 


m 


Mailgate 


EJ 



This proven approach provides access to Internet setvices in a near-transparent 
fashion , while at the same time preventing unauthorized access to your 
private net work by externa! users , AII Internet services you wish to provide 
are hosted on the systems t represented here by the Gatekeeper ; outside of the 
Firewall gateway. These services are also available to your internal users 
through the gateway. The only inbound connection permitted without 
authentication is for mail which Is processed by a mail forwarder shown 
here as the Mailgate , 


Risky ways of addressing 
the Internet security issue 

Granted there are many ways of 
connecting to the Internet, but 
only a few would be acceptable 
to the prudent MIS manager. 
The most simple connection, 
and by far the most dangerous, 
is to tie in from a single PC or 
workstation within your orga¬ 
nization, providing no control 
or visibility. 

Another common approach 
uses a router connection between 
a private network and the 
Internet. Most of today’s routers 
have some kind of filtering 
capability, but this filtering 
generally suffers from lack of 
flexibility or sophistication to 
provide effective security. 

The sure and proven way 
to secure your Internet 
connection 

You can establish a more secure 
and flexible solution by con¬ 
necting through an intelligent 
gateway that makes use of prior 
knowledge or security clearance 
to determine access privileges. 
This is the central component 
of the Digital Firewall Service. 
The intelligent gateway allows 
you to control which hosts on 
your network talk to which 
hosts on the Internet, and which 
applications, for example e-mail 
or FIT, they can use. In addition, 
full audit logs, indispensable as 
a way to detect network attack, 
can be sen t back to one of our 
own systems for safekeeping 
and analysis. 


Although the intelligent gate¬ 
way provides a high degree of 
security and flexibility, it is 
still vulnerable to attack and 
penetration because it is still 
connected directly to the Internet, 
In addition, in order to receive 
e-mail from Internet users, 
you still have to disclose vital 
information on your internal 
ne twork. J us t i fi ably, m any 
organizations arc uneasy about 
revealing such information. 

The Digital Firewall Service 
solves this problem by hiding 
or screening the gateway 
behind a public system to 
shield it from direct contact. 
Now all communication with 
the Internet must pass through 
the public system, w T hich is the 
only system that Internet users 
can see. All the Internet func¬ 
tions are provided through 
secure software on the public 
system. For example, this sys¬ 
tem is given as your official 


public address — any mail is 
automatically passed on to you 
through this system when it 
arrives. The public system too 
is configured with the greatest 
possible protection against attack 
and has full audit capabilities. 

Relying on unmatched 
customer support to connect 
into the Internet 

To ensure that your firewall 
system is always online and 
available to protect your net¬ 
works around the clock, Digital 
offers comprehensive Technical 
and customer support services. 
Digital and its authorized 
resellers provide a four-part 
portfolio of Internet services 
that address the major phases 
of integrating the Internet into 
your operations. These Internet 
services will help you: 

* Determine what the Internet 
can do for your organization 
•Connect to the Internet 












g 


•Do business over the Internet 

• Manage and operate your 
Internet server 

I n con j u nc ti on wi th th es e 
Internet services, Digitals 
authorized business partners 
provide the specific Internet 
applications development ser¬ 
vices that will get you up and 
running. Here's a brief 
overview. 

What the Internet can do for your 
organization 

This planning segment of the 
portfolio comprises three dis¬ 
tinct services to help you plan 
and test your entry onto the 
Net: 

• Internet Executive Workshops 

• Internet Business Planning 
Service 

• The Internet Business Pilot 

Connecting you to the Internet 
This design and implementa¬ 
tion segment of the portfolio 
launches your organization onto 
the Internet in earnest. It con¬ 
sists of six separate steps: 

• Internet Technical Assessment 

• Internet Security Services 

• Internet Network Services 

• Internet Server Startup 

• Internet Client Startup 
■ Internet Training 
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Helping you do business over 
the Internet 

This third segment of Digital's 
Internet services portfolio deliv¬ 
ers the payoff on all of your 
efforts. It consists of four ser¬ 
vices designed to maximize 
your return for your investment 
into the Internet: 

■ Web Information Architecture 

• Internet Application and 
Data Integration 

• Internet Commerce Services 

• Internet Collaboration Services 

Helping manage and operate your 
Internet server 
This final segment of the 
Internet services portfolio com¬ 
prises four distinct offerings to 
help you manage your Internet 
installation to best advantage: 
•Web Server Management 

• Internet Gateway Management 

• Webmaster Services 

• Web Server Support 

Leveraging Digital's 
extensive Internet 
experience 

Through our in-depth knowl¬ 
edge of networks and pervasive 
use of the Internet, we are uniquely 
able to both develop and offer 
Internet tools, security systems, 
and services. To date, Digital has 
installed more than 180 firewall 
systems for customers wishing to 
establish a secure connection to 
the Internet. 


Digital has had an Internet 
connection for over a decade 
and we take our Internet secu¬ 
rity very seriously. The Digital 
worldwide IP network coday 
consists of some 40,000 TCP/IP 
nodes, part of a total network of 
some 80,000 nodes. Digital 
established the first, and now 
the largest, commercial World 
Wide Web server for customer 
information in October 1993. 
The Digital Internet connection 
currently handles some 2 million 
mail messages and provides 
approximately 20,000 product 
and service-related documents 
to customers per month. In 
addition, we provide access to 
more than 300,000 files of public 
domain software as a free service 
to Internet users. 

Taking the next step for a 
secure Internet connection 

To learn more about Digital s 
Internet security products, 
contact your local Digital 
Authorized Distributor, 
Reseller, or Digital sales office. 

From the Internet, Internet 
security product information is 
available on Digital’s WWW 
home page: URL:http://www. 
d igi t al. com / i nfo/i nte rn et. 


Send e-mail to: 

firewall<®digltal.com. For infor¬ 
mation by fax in the ITS. and 
Canada, call I-800-DIGITAL 
and select the menu option for 
InstaFACTS, Outside the U.S. 
and Canada, call 908-885-6426. 


Digital believes the information in this 
publication is accurate as of Its publication date; 
such information is subject to change without 
notice. Digital is not responsible for any 
inadvertent errors. 


Digital conducts its business in a manner that 
conserves the environment and protects the 
safety and health of its employees, customers, 
and the comm unity. 

Digital, the DIGITAL logo, and the 
AlphaGtneratioii design mark are trademarks 
of Digital Equipment Corporation. 

Bonder Ware Firewall Server is a registered 
Trademark of Border Network Technologies, Inc. 
Mosaic is a Trademark of Mosaic Communications 
Corporation. UNIX is a registered trademark in 
the United States and other countries licensed 
exclusively through X/Open Company Ltd. 
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